[Freeipa-users] LDAP server failover via altServer attribute?

Rob Crittenden rcritten at redhat.com
Fri May 20 14:38:56 UTC 2016


Martin Basti wrote:
> Hello,
>
> IPA uses SRV records for failover to another replica/LDAP.
>
> I don't know how it works on Macs, but in case there is no
> possibility to use SRV, you may need to file an RFE ticket
> (https://fedorahosted.org/freeipa/newticket)

Agreed, SRV records are the preferred mechanism. I was curious though so 
played with this a bit and it is possible to add altServer values:

$ ldapmodify -x -D 'cn=directory manager' -W
Enter LDAP Password:
dn:
changetype: modify
add: altServer
altServer: ldap://gyre.example.com

modifying entry ""
^D

$ ldapsearch -LLL -x -b "" -s base altServer
dn:
altServer: ldap://gyre.example.com

My test rig is a single master so I don't know if this replicates or not.

rob

>
> Martin
>
>
> On 19.05.2016 17:43, Guillermo Fuentes wrote:
>> Hello all,
>>
>> As OS X allows LDAP server failover via the altServer attribute
>> (RFC4512) from RootDSE, it would be great to be able to configure our
>> Macs to connect to a single FreeIPA server and add other FreeIPA
>> servers as multiple altServer values.
>> The current schema doesn't seem to support adding this attribute.
>> Can this be done in a way I'm missing?
>>
>> Thanks in advance!
>>
>> GUILLERMO FUENTES
>> SR. SYSTEMS ADMINISTRATOR
>>
>> 561-880-2998 x1337
>>
>> guillermo.fuentes at modmed.com <mailto:guillermo.fuentes at modmed.com>
>
>
>
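
An added example, not part of the original thread or of FreeIPA: a shell function that audits the altServer values returned by the rootDSE query shown above, flagging plain `ldap://` schemes and hosts outside an expected DNS suffix. Running it against each replica and comparing the output also shows whether every server returns the same set. The function names, the `example.com` suffix and all sample values other than `ldap://gyre.example.com` are assumptions made for illustration.

```shell
# Added example, not from the thread. Audits altServer values in the output of
#   ldapsearch -LLL -x -b "" -s base altServer
# $1 = DNS suffix the replicas live under (assumption: set your own).
audit_altserver() {
    awk -v suffix="$1" '
    function check(line,    val, p, n, scheme, host, why) {
        if (line ~ /^[^:]*::/) {        # "attr:: ..." marks a base64 value in LDIF
            print "WARN (base64 value, decode and re-check)"; bad = 1; return
        }
        val = line; sub(/^[^:]*:[ ]*/, "", val)
        n = split(val, p, "/")          # ldap://host:port/x -> p[1]="ldap:" p[3]="host:port"
        scheme = tolower(p[1]); host = tolower(p[3]); sub(/:.*/, "", host)
        why = ""
        if (n < 3 || host == "") why = why " malformed-uri"
        else if (host != suffix && substr(host, length(host) - length(suffix)) != "." suffix)
            why = why " host-outside-" suffix
        if (scheme == "ldap:") why = why " plain-ldap-scheme"
        else if (scheme != "ldaps:") why = why " unexpected-scheme"
        if (why != "") { print "WARN " val why; bad = 1 } else print "OK " val
    }
    function finish_entry() { if (tolower(cur) ~ /^altserver:/) check(cur); cur = "" }
    /^ / { cur = cur substr($0, 2); next }   # LDIF folded line: join to previous
    { finish_entry(); cur = $0 }
    END { finish_entry(); exit bad + 0 }     # non-zero status if anything was flagged
    '
}

# Constructed sample: the value from the thread plus two invented ones
# (the second is folded across two lines, as ldapsearch does for long values).
sample_rootdse() {
    cat <<'EOF'
dn:
altServer: ldap://gyre.example.com
altServer: ldaps://ipa2.exam
 ple.com:636
altServer: ldaps://ipa3.example.net
EOF
}

sample_rootdse | audit_altserver example.com || true
```

A `plain-ldap-scheme` flag does not by itself mean the session is unencrypted, since a client can still require StartTLS on an `ldap://` URI; it marks values where that enforcement has to be confirmed on the client side.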
